Quantcast
Connect with us

US agency that certifies the security of voting machines was itself hacked: report

Published

on

The U.S. agency charged with ensuring that voting machines meet security standards was itself penetrated by a hacker after the November elections, according to a security firm working with law enforcement on the matter.

The security firm, Recorded Future, was monitoring underground electronic markets where hackers buy and sell wares and discovered someone offering log-on credentials for access to computers at the U.S. Election Assistance Commission, company executives said.

ADVERTISEMENT

Posing as a potential buyer, the researchers engaged in a conversation with the hacker, said Levi Gundert, vice president of intelligence at the company, and Andrei Barysevich, director of advanced collection.

Eventually they discovered that the Russian-speaking hacker had obtained the credentials of more than 100 people at the election commission after exploiting a common database vulnerability, the researchers said.

The hacker was trying to sell information about the vulnerability to a Middle Eastern government for several thousand dollars, but the researchers alerted law enforcement and said Thursday that the hole had been patched.

The Election Assistance Commission said in a statement late Thursday that it had become aware of a “potential intrusion” and was “working with federal law enforcement agencies to investigate the potential breach and its effects.”

ADVERTISEMENT

“The FBI is currently conducting an ongoing criminal investigation,” the statement added.

The election commission certifies voting systems and develops standards for technical guidelines and best practices for election officials across the country.

The researchers said the hacker had an unusual business model, scanning for ways to break into all manner of businesses and other entities and then moving rapidly to sell that access, rather than stealing the data himself.

ADVERTISEMENT

“We don’t think he actually works for any government or is super sophisticated,” Barysevich said.

In the case of the election commission, the hacker used methods including an SQL injection, a well known and preventable flaw, obtaining a list of user names and obfuscated passwords, which he was then able to crack.

Though much of the commission’s work is public, the hacker gained access to non-public reports on flaws in voting machines.

ADVERTISEMENT

In theory, someone could have used knowledge of such flaws to attack specific machines, said Matt Blaze, an electronic voting expert and professor at the University of Pennsylvania.

The researchers were confident that the hacker moved to sell his access soon after getting it, meaning that he was not inside the system before election day.

The U.S. voting process is decentralized and there were no reports of widespread fraud in November.

ADVERTISEMENT

The Election Assistance Commission was created by the Help America Vote Act of 2002 and is led by presidential appointees.

(Editing by Jonathan Weber and Leslie Adler)


Report typos and corrections to: [email protected].
READ COMMENTS - JOIN THE DISCUSSION
Continue Reading

Breaking Banner

Ex-AG Matt Whitaker ‘pretty much acknowledges abuse of power’ in Fox News interview

Published

on

The former acting Attorney General of the United States argued that presidential abuse of power is not a crime during a Tuesday evening appearance on Fox News.

Abuse of power is not a crime,” Matt Whitaker told Fox News personality Laura Ingraham.

Tufts University Professor Daniel Drezner was fascinated by the admission.

"Interesting that Whitaker pretty much acknowledges abuse of power but doesn’t think it’s egregious," Drezner noted.

Continue Reading

2020 Election

‘Abuse of power is not a crime’: Former acting AG Matt Whitaker makes a brazen claim on Fox News

Published

on

Former acting Attorney General Matt Whitaker told a Fox News audience that it is not a crime for President Donald Trump to abuse the power of his office.

Whitaker made the comments while complaining about "global elitists" during an interview with Laura Ingraham.

"What evidence of a crime do you have?" Whitaker asked, despite Trump, acting White House Chief of Staff Mick Mulvaney and defense lawyer Rudy Giuliani all admitting Trump sought foreign election interference to help his struggling re-election campaign.

"Abuse of power is not a crime," the nation's former top law enforcement office argued.

Continue Reading
 

2020 Election

Joe Biden apologizes for ‘partisan lynching’ comments about Bill Clinton’s impeachment

Published

on

Former Vice President Joe Biden on Tuesday apologized for comments he made saying impeachment could be viewed as a "partisan lynching."

The comments from a 1998 interview were reported after Biden said it was "abhorrent" and "despicable" for President Donald Trump to refer to impeachment as a lynching.

"Even if the President should be impeached, history is going to question whether or not this was just a partisan lynching or whether or not it was something that in fact met the standard, the very high bar, that was set by the founders as to what constituted an impeachable offense," Biden said in 1998.

Continue Reading
 
 
Help Raw Story Uncover Injustice. Join Raw Story Investigates for $1 and go ad-free.
close-image